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What is claimed: 

1 . An access control system for controlling access to data stored on at least one 
data storage medium of a computing system, the access control system comprising: 

authentication means to authenticate users permitted to access data stored in 
5 the at least one data storage medium; and 

database means arranged to store data access profiles; 

each data access profile being associated with a user permitted to access data 
stored in the at least one data storage medium; 

each data access profile including information indicative of the degree of 
1 0 access permitted by a user to data stored in the at least one data storage medium; and 

each data access profile including a master data access profile and a current 
data access profile, the current data access profile being modifiable within parameters 
defined by the master data access profile. 

15 2. An access control system as claimed in claim 1, further comprising profile 
setting means arranged to facilitate creation of the master and current access profiles. 

3. An access control system as claimed in claim 2, wherein the access control 
system is incorporated into a computing system having an operating system and the 

2 0 master data access profile is modifiable only prior to loading of the operating system. 

4. An access control system as claimed in claim 1, wherein said control system is 
activatable so as to permit modification of the current access profile and deactivatable 
so as to prevent modification of the current access profile. 

25 

5. An access control system as claimed in claim 1, wherein the access control 
system is implemented at least in part in the form of software. 

6. An access control system as claimed in claim 1, wherein the access control 

3 0 system is implemented at least in part in the form of hardware. 

7. An access control system as claimed in claim 2, wherein the access control 
system is arranged to govern user access profiles used by a security device configured 
to control access to a data storage medium. 

35 
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8. An access control system as claimed in claim 7, wherein the security device is 
implemented at least in part in hardware and is of a type located between a data storage 
medium of a computing system and a CPU of the computing system. 

5 9. An access control system as claimed in claim 7, wherein the security device is 
implemented at least in part in hardware and is of a type incorporated into bus bridge 
circuitry of a computing system. 

10. An access control system as claimed in claim 1, wherein the access control 
10 system is incorporated into a computing system having an operating system and the 

current access profile is modifiable after loading of the operating system. 

11. A method of controlling access to data stored on at least one data storage 
medium of a computing system, the method comprising the steps of: 

15 providing means for authenticating users permitted to access data stored in the 

at least one data storage medium; and 
storing data access profiles; 

associating each data access profile with a user permitted to access data stored 
in the at least one data storage medium; 
2 0 each data access profile including information indicative of the degree of 

■ F 

access permitted by a user to data stored in the at least one data storage medium; and ' ' 
each data access profile including a master data access profile and a current 

data access profile; and 

facilitating modification of the current data access profile being within 
2 5 parameters defined by the master data access profile. 

12. A method as claimed in claim 11, further comprising the step of facilitating 
creation of the master and current access profiles. 

30 13. A method as claimed in claim 12, wherein the access control system is 
incorporated into a computing system having an operating system, and the step of 
facilitating modification of the current data access profile includes the step of 
facilitating modification of the master data access profile only prior to loading of the 
operating system. 

35 

14. A method as claimed in claim 11, further including the steps of facilitating 
activation of said control system so as to permit modification of the current access 
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profile and facilitating deactivation of said control system so as to prevent modification 
of the current access profile. 

15. A method as claimed in claim 11, wherein the access control system is 
5 implemented at least in part in the form of software. 

16. A method as claimed in claim 11, wherein the access control system is 
implemented at least in part in the form of hardware. 

10 17. A method as claimed in claim 1 1, further comprising the step of arranging the 
access control system so as to govern user access profiles used by a security device 
configured to control access to a data storage medium. 

18. A method as claimed in claim 17, wherein the security device is implemented 
15 at least in part in hardware and is of a type located between a data storage medium of a 

computing system and a CPU of the computing system. 

19. A method as claimed in claim 17, wherein the security device is implemented 
at least in part in hardware and is of a type incorporated into bus bridge circuitry of a 

2 0 computing system. 

20. A method as claimed in claim 11, further comprising the steps of incorporating 
the access control system into a computing system having an operating system and 
facilitating modification of the current access profile after loading of the operating 

25 system. 

21 . A computer program which when loaded into a computing system causes the 
computing system to operate in accordance with an access control system for 
controlling access to data stored on at least one data storage medium of a computing 

3 0 system, the access control system comprising: 

authentication means to authenticate users permitted to access data stored in 
the at least one data storage medium; and 

database means arranged to store data access profiles; 

each data access profile being associated with a user permitted to access data 
35 stored in the at least one data storage medium; 

each data access profile including information indicative of the degree of 
access permitted by a user to data stored in the at least one data storage medium; and 
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each data access profile including a master data access profile and a current 
data access profile, the current data access profile being modifiable within parameters 
defined by the master data access profile. 



5 22. A computer useable medium having a computer readable program code 
embodied therein for causing a computer to operate in accordance with an access 
control system for controlling access to data stored on at least one data storage medium 
of a computing system, the access control system comprising: 

authentication means to authenticate users permitted to access data stored in 
1 0 the at least one data storage medium; and 

database means arranged to store data access profiles; 

each data access profile being associated with a user permitted to access data 
stored in the at least one data storage medium; 

each data access profile including information indicative of the degree of 
1 5 access permitted by a user to data stored in the at least one data storage medium; and 

each data access profile including a master data access profile and a current data 
access profile, the current data access profile being modifiable within parameters 
defined by the master data access profile. 



